Atlantica Digital addresses the market with an integrated approach to the problems of logical data and infrastructure security by offering Consulting, Training, Vulnerability Management, Identity Governance, SIEM and Data Security services.
In addition to the vast portfolio of services offered, a proprietary product of Security Access and Monitoring Management that allows compliance with one of the new principles and requirements introduced by the GDPR, such as accountability.
Atlantica designs and implements Information Security solutions using the most innovative Cyber Security technologies on the market, to offer the best combined solution between processes and products. The goal of Atlantica Security experts is to create the best security barrier to the risks of modification or loss of data and information, thanks to the decades of experience gained in the field.
Information in general and data in particular increasingly represent the core business or a strategic asset for each organization; the compromise or dissemination of this data or information could cause economic or image damage often incalculable for the victim company.
The reference frameworks from which Atlantica is inspired and offers its customers in the provision of services, are all internationally recognized standards and adopted as guides also by national and supranational authorities (AgID or ENISA):
- ISO / IEC 27001: 2013 is the standard that defines the requirements for establishing, implementing, and maintaining an information security management system.
- ISO / IEC 27701: 2019 are the Standard Guidelines that define the requirements for implementing a management system for the security of personal data and that integrates with the GDPR, because it collects the needs and the spirit of protecting the rights of data subjects in a Security and Data Protection perspective.
The solutions described above allow organizations to adapt to national and supranational obligations, such as:
The NIS Directive: published by the EU in 2018 which establishes the obligation for each Member State to adopt a national cyber security strategy.
The now “famous” GDPR (EU 679/2016): European citizen data protection regulation, mandatory for companies and organizations that collect and manage personal data in Europe.
Atlantica offers a VA service that allows its customers (public or private) to become aware of the vulnerabilities of its information system: both on the classic infrastructure of servers and software applications, but also on mobile systems, in the cloud and industrial control. The result of the VA allows to establish those mitigation actions that solve or minimize the risks caused by the vulnerabilities discovered. Atlantica proposes solutions capable of continuously monitoring the presence of vulnerabilities – induced, for example, by the lack of software updates, by incorrect configurations, by the presence of non-fundamental services or by bugs present in software development – and allow to evaluate the general level safety and planning of mitigation actions.
Integrated systems of technologies, policies and procedures allow organizations to simplify and, at the same time, control user access to applications and data, protecting them from unauthorized access.
Atlantica has adopted a framework capable of determining and controlling how identity information is used, stored and propagated within (IT and business) and outside the organization (suppliers, customers).
Atlantica realizes SIEM (security information and event management) solutions capable of acquiring and processing event data from thousands of different sources, in real time, offering the early detection of developing threats, respecting the continuous monitoring requirements.
Provides comprehensive compliance reporting functions to meet or exceed applicable requirements.
SAM is the proprietary platform for the management of user activities (privileged and otherwise) and access to corporate resources which guarantees compliance with Italian regulations, international standards and best practices in the field of security.
SAM collects evidence for the certain attribution of responsibility for fraudulent or harmful activities; at the same time it protects the administrators to allow, where necessary, the irrefutable proof of their correct work. It implements a concrete and perceptible deterrence of fraud and damage carried out by IT system administrators (employees, third parties and outsourcers) since it makes it impossible to manipulate or delete traces of improper activities.
SAM integrates with the systems in use and guarantees:
• direct causal link between the action taken and the recorded log;
• validity of the chain of custody of the evidence collected;
• Real-Time warning on any fraud committed with a reduction in false positives.
The encryption and data masking solutions offered by Atlantica constitute one of the most important technological pillars to guarantee Data Security, and is always supported by the solution for the control of the users privileges (SAM).